Wardriving


Wardriving is, in a nutshell, carrying a laptop or PDA around in search of unprotected Wi-Fi access points to get Internet access for free. While you can do it solely with what you get with your operating system, an entirely new class of utilities surfaced to ease the task.

Since I designed a public Wi-Fi service and have a network security background, I'm interested in defending agains the practice - which, by the way, I do not condone in any way. Nevertheless, Wardriving tools (especially those able to display multiple signal levels simultaneously) are useful for site surveys.

(As with everything else, the tools themselves do not construe criminal intent - it's been that way ever since the hammer was invented, but the sort of people who think nmap is a hacking tool have a tendency to look at everything as a nail...)

From a purely technical standpoint, there are two classes of tools: active (those which try associating to all visible networds) and passive (those which only listen to passing radio bursts).

The passive ones are by far the most dangerous ones, because they also allow for traffic sniffing and do not leave any sort of trace (any competent WLAN admin will at least check the number of association attempts and do a periodic tally of foreign MAC addresses...).

Tools:

...and lots more here.

Oddities: